Advanced Android and iOS Hands-on Exploitation
Buy now
Learn more
Introduction to the Class
Thanks for Joining
How to get the most out of this training
Android Internals
Introduction to Android
Android Ecosystem and Research Opport...
Building Blocks
Linux Kernel
HAL, ART and API
Android Basics
Lab Setup
Setting up the Lab
Android Studio - Overview
Genymotion Introduction
Installing VM
Android: Interacting and Exploring
ADB: Introduction and Usage
Package Manager
Android File System
Deconstructing Android apps
Application Journey
Inside an APK
Reversing Android apps: Overview
Sample Android App
AndroidManifest.xml
Decompiling using JADx
APKTool and Intro to Smali
Patching Android Binaries
Exploiting Android Components
Android Apps Components
Introduction to Activities and Intents
Demo App using Activities and Intents
Exploiting Activities
How to find vulnerabilities
Unlocking Premium Components
Android Fragments Introduction
Exploiting Fragments
Exported Behavior of Android IPC Comp...
Intent Filters, Broadcasts Receivers and Deep Links
Intent-Filters
Broadcast Receivers - Introduction
Exploiting a Dynamic Broadcast Receiver
Exploiting Intent Filters based vulne...
Introduction to DeepLinks
Exploiting Deep Links
Exploiting Deep Links - 2
Data Handling in Android applications
Data Storage - Introduction
What are Shared Preferences?
Assessing a Vault application
Decrypting sensitive data stored in S...
Introduction to SQLite
Working with SQLite
Introduction to Firebase
Identifying Firebase vulnerabilities
Introduction to Content Providers
Content Provider Security overview
Find and Query Content Providers
Introduction to Drozer
Exploiting Leaking Content Providers
Permission exploitation using Insecur...
Sniffing data in Broadcasts
introduction to External Data Storage
Analyzing Applock Vault app
Analyzing pin implementation
Hex manipulation to safely store vaul...
Network Security
Network Security approach
Network Security in Android
Introduction to Proxying
Setting up network proxy with Android...
Analyzing malware application traffic
Intercepting SSL traffic
Android Certificate/Key pinning
Bypassing SSL pinning using Binary mo...
Android Webviews
Dynamic Process Instrumentation
Dynamic Instrumentation - What, Why a...
Frida 101
Frida setup for Android
Frida REPL and JS
Using Frida API
Frida + Python for app enumeration
Tracing instruction and method calls
Method Hooking
Accessing and Manipulating variables
Invoking functions
Method Overloading
Using Frida for SSL traffic analysis
Introduction to Objection
Objection for app analysis
Native Library Analysis
Debugging Native Libraries
iOS : Getting Started
Introduction to the iOS section
iOS outline
iOS - 1000 ft view
iOS Platform and Application security...
Jailbreaking
Interacting with iOS
Application Signing
Lab Setup: iOS Device
Lab Setup: Host
Exploring iOS File System
Dev Foundations
Dev Foundations overview
Xcode Deep Dive
Obj-C Internals
Swift
Models, Views and Controllers
Delegates and Protocols
Frameworks and Packages
Models Views and Controllers
iOS App Deep Dive
App Distribution
Dumping iOS apps
App Encryption
MachO binary
Information Property List
Frameworks and Assets
Intents and Application Extensions
Code Signing Deep Dive
Simulator
Data Handling in iOS apps
App Inspection: Data
Bundle
Data Storage Types
Data Protection API
Data Security Tools
Using Frida for File System tracing
User Defaults
Plist
Bypassing App Restricitons
Core Data
Cookies
Keychain
Keychain-II
Pasteboard
Cache
Memory
iOS Networking
Introduction to iOS Networking
Network traffic capture in iOS
Intercepting secure communication
Inspecting iOS Network Data
iOS webview
Remote Virtual Interfaces
iOS Binary Exploitation
Binary Inspection
Dissecting MachO
Classes and Methods
Reversing iOS Binaries for analysis
Binary Analysis using Ghidra for iOS
iOS Binary Patching
iOS App Repackaging
iOS Instrumentation and Debugging
Instrumentation & Debugging
iOS Process Exploration
Object property modification
Tracing Program Execution - I
Tracing Program Execution - II
Manipulating runtime - Part I
Manipulating runtime - Part II
Intro to Debugging
ARM Calling Convention
Runtime Manipulation with Debugging -...
Runtime Manipulation with Debugging -...
Runtime Manipulation w: Instrumentation
Anti-Debugging Protection
THEOS : Introduction & Setup
Hooking into SpringBoard
Writing Theos Patches
Permanent security patches
Classroom Project
Classroom Project
Products
Course
Section
Android: Interacting and Exploring
Android: Interacting and Exploring
Advanced Android and iOS Hands-on Exploitation
Buy now
Learn more
Introduction to the Class
Thanks for Joining
How to get the most out of this training
Android Internals
Introduction to Android
Android Ecosystem and Research Opport...
Building Blocks
Linux Kernel
HAL, ART and API
Android Basics
Lab Setup
Setting up the Lab
Android Studio - Overview
Genymotion Introduction
Installing VM
Android: Interacting and Exploring
ADB: Introduction and Usage
Package Manager
Android File System
Deconstructing Android apps
Application Journey
Inside an APK
Reversing Android apps: Overview
Sample Android App
AndroidManifest.xml
Decompiling using JADx
APKTool and Intro to Smali
Patching Android Binaries
Exploiting Android Components
Android Apps Components
Introduction to Activities and Intents
Demo App using Activities and Intents
Exploiting Activities
How to find vulnerabilities
Unlocking Premium Components
Android Fragments Introduction
Exploiting Fragments
Exported Behavior of Android IPC Comp...
Intent Filters, Broadcasts Receivers and Deep Links
Intent-Filters
Broadcast Receivers - Introduction
Exploiting a Dynamic Broadcast Receiver
Exploiting Intent Filters based vulne...
Introduction to DeepLinks
Exploiting Deep Links
Exploiting Deep Links - 2
Data Handling in Android applications
Data Storage - Introduction
What are Shared Preferences?
Assessing a Vault application
Decrypting sensitive data stored in S...
Introduction to SQLite
Working with SQLite
Introduction to Firebase
Identifying Firebase vulnerabilities
Introduction to Content Providers
Content Provider Security overview
Find and Query Content Providers
Introduction to Drozer
Exploiting Leaking Content Providers
Permission exploitation using Insecur...
Sniffing data in Broadcasts
introduction to External Data Storage
Analyzing Applock Vault app
Analyzing pin implementation
Hex manipulation to safely store vaul...
Network Security
Network Security approach
Network Security in Android
Introduction to Proxying
Setting up network proxy with Android...
Analyzing malware application traffic
Intercepting SSL traffic
Android Certificate/Key pinning
Bypassing SSL pinning using Binary mo...
Android Webviews
Dynamic Process Instrumentation
Dynamic Instrumentation - What, Why a...
Frida 101
Frida setup for Android
Frida REPL and JS
Using Frida API
Frida + Python for app enumeration
Tracing instruction and method calls
Method Hooking
Accessing and Manipulating variables
Invoking functions
Method Overloading
Using Frida for SSL traffic analysis
Introduction to Objection
Objection for app analysis
Native Library Analysis
Debugging Native Libraries
iOS : Getting Started
Introduction to the iOS section
iOS outline
iOS - 1000 ft view
iOS Platform and Application security...
Jailbreaking
Interacting with iOS
Application Signing
Lab Setup: iOS Device
Lab Setup: Host
Exploring iOS File System
Dev Foundations
Dev Foundations overview
Xcode Deep Dive
Obj-C Internals
Swift
Models, Views and Controllers
Delegates and Protocols
Frameworks and Packages
Models Views and Controllers
iOS App Deep Dive
App Distribution
Dumping iOS apps
App Encryption
MachO binary
Information Property List
Frameworks and Assets
Intents and Application Extensions
Code Signing Deep Dive
Simulator
Data Handling in iOS apps
App Inspection: Data
Bundle
Data Storage Types
Data Protection API
Data Security Tools
Using Frida for File System tracing
User Defaults
Plist
Bypassing App Restricitons
Core Data
Cookies
Keychain
Keychain-II
Pasteboard
Cache
Memory
iOS Networking
Introduction to iOS Networking
Network traffic capture in iOS
Intercepting secure communication
Inspecting iOS Network Data
iOS webview
Remote Virtual Interfaces
iOS Binary Exploitation
Binary Inspection
Dissecting MachO
Classes and Methods
Reversing iOS Binaries for analysis
Binary Analysis using Ghidra for iOS
iOS Binary Patching
iOS App Repackaging
iOS Instrumentation and Debugging
Instrumentation & Debugging
iOS Process Exploration
Object property modification
Tracing Program Execution - I
Tracing Program Execution - II
Manipulating runtime - Part I
Manipulating runtime - Part II
Intro to Debugging
ARM Calling Convention
Runtime Manipulation with Debugging -...
Runtime Manipulation with Debugging -...
Runtime Manipulation w: Instrumentation
Anti-Debugging Protection
THEOS : Introduction & Setup
Hooking into SpringBoard
Writing Theos Patches
Permanent security patches
Classroom Project
Classroom Project
3 Lessons
ADB: Introduction and Usage
Package Manager
Android File System